--- a/www/includes/db_inventory_suppliers.php Wed Aug 10 11:43:19 2022 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,106 +0,0 @@
-<?php
-
-require($_SERVER['DOCUMENT_ROOT']."/config.php");
-require($_SERVER['DOCUMENT_ROOT']."/version.php");
-
-#Connect to the database
-$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
-if (! $connect) {
- die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
-}
-mysqli_set_charset($connect, "utf8" );
-
-$response = array(
- 'error' => false,
- 'msg' => 'Ok',
-);
-
-// get data and store in a json array
-$query = "SELECT * FROM inventory_suppliers ORDER BY name";
-if (isset($_POST['insert'])) {
- // INSERT COMMAND
- $sql = "INSERT INTO `inventory_suppliers` SET ";
- if (isset($_POST['uuid']) && (strlen($_POST['uuid']) == 36)) {
- $sql .= "uuid='" . $_POST['uuid'];
- } else {
- $uuid = str_replace("\n", "", file_get_contents('/proc/sys/kernel/random/uuid'));
- $sql .= "uuid='" . $uuid;
- }
- $sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']);
- $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']);
- $sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']);
- $sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']);
- $sql .= "', country='" . mysqli_real_escape_string($connect, $_POST['country']);
- $sql .= "', website='" . mysqli_real_escape_string($connect, $_POST['website']);
- $sql .= "', email='" . mysqli_real_escape_string($connect, $_POST['email']);
- $sql .= "', phone='" . mysqli_real_escape_string($connect, $_POST['phone']);
- $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']);
- $sql .= "';";
- $result = mysqli_query($connect, $sql);
- if (! $result) {
- syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect));
- $response['error'] = true;
- $response['msg'] = "SQL fout: ".mysqli_error($connect);
- }
- exit(json_encode($response));
-
-} else if (isset($_POST['update'])) {
- // UPDATE COMMAND
- $sql = "UPDATE `inventory_suppliers` SET uuid='" . $_POST['uuid'];
- $sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']);
- $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']);
- $sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']);
- $sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']);
- $sql .= "', country='" . mysqli_real_escape_string($connect, $_POST['country']);
- $sql .= "', website='" . mysqli_real_escape_string($connect, $_POST['website']);
- $sql .= "', email='" . mysqli_real_escape_string($connect, $_POST['email']);
- $sql .= "', phone='" . mysqli_real_escape_string($connect, $_POST['phone']);
- $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']);
- $sql .= "' WHERE record='" . $_POST['record'] . "';";
- $result = mysqli_query($connect, $sql);
- if (! $result) {
- syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect));
- $response['error'] = true;
- $response['msg'] = "SQL fout: ".mysqli_error($connect);
- }
- exit(json_encode($response));
-
-} else if (isset($_POST['delete'])) {
- // DELETE COMMAND
- $sql = "DELETE FROM `inventory_suppliers` WHERE record='".$_POST['record']."';";
- $result = mysqli_query($connect, $sql);
- if (! $result) {
- syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect));
- $response['error'] = true;
- $response['msg'] = "SQL fout: ".mysqli_error($connect);
- }
- exit(json_encode($response));
-
-} else {
- // SELECT COMMAND
- $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
- while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
- $suppliers[] = array(
- 'record' => $row['record'],
- 'uuid' => $row['uuid'],
- 'name' => $row['name'],
- 'address' => $row['address'],
- 'city' => $row['city'],
- 'zip' => $row['zip'],
- 'country' => $row['country'],
- 'website' => $row['website'],
- 'email' => $row['email'],
- 'phone' => $row['phone'],
- 'notes' => $row['notes']
- );
- }
- header("Content-type: application/json");
- exit(json_encode($suppliers));
-}
-
-syslog(LOG_NOTICE, "db_inventory_suppliers: missing arguments");
-$response['error'] = true;
-$response['msg'] = "missing arguments";
-echo json_encode($response);
-
-?>